[Leaplist] major bug found in Linux to give root access to untrusted users...
Ray Brunkow
ray at brunkow.ws
Wed Nov 4 23:42:49 EST 2009
Edward Guldemond wrote:
> On Wed, Nov 04, 2009 at 12:26:49PM -0500, Ray Brunkow wrote:
>
>> is this as bad as it sounds?
>>
>
> Check to see if your vm.mmap_min_addr sysctl is set to a value above
> 0. On my system (Debian), it's as simple as:
>
> $ sudo sysctl -n vm.mmap_min_addr
> 4096
>
> So my system is safe. Check yours. If it's not greater than zero,
> then use sysctl to set it to something greater than zero:
>
> $ sudo sysctl -w vm.mmap_min_addr=4096
>
> And put that in a startup script until your distro fixes it or you're
> using a patched kernel (though 4096 is a safe default setting).
>
> vm.mmap_min_addr, as the name implies, is the minimum memory address
> that a process can mmap(), and it's tunable. What this means is that
> a process will not be allowed to mmap() at 0, thus preventing the NULL
> pointer dereference attack.
>
so this is safe:
sysctl -n vm.mmap_min_addr
65536
--
Raymond L. Brunkow
5th Degree Black Belt
Certified Instructor
Choong Sil Kwan TaekwonDo Federation
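The check discussed in this thread, as an added shell example that is not from either poster: it classifies the running vm.mmap_min_addr value and also looks for a persisted setting, so a value set by hand with sysctl -w is not silently lost at reboot. The function names are hypothetical, and the order in which config files are read (sysctl.d files in glob order, then /etc/sysctl.conf) is an assumption that may differ per distribution.

```sh
#!/bin/sh
# Added example: audit vm.mmap_min_addr. Function names are hypothetical.

# classify_min_addr VALUE -> "ok" (> 0), "vulnerable" (0) or "invalid"
classify_min_addr() {
    case "$1" in
        ''|*[!0-9]*) echo invalid ;;
        *) if [ "$1" -gt 0 ]; then echo ok; else echo vulnerable; fi ;;
    esac
}

# persisted_min_addr FILE... -> last value assigned in the given sysctl
# config files (later files win); prints nothing if none sets it.
# Commented-out assignments are ignored.
persisted_min_addr() {
    for f in "$@"; do
        if [ -r "$f" ]; then
            sed -n 's/^[[:space:]]*vm\.mmap_min_addr[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p' "$f"
        fi
    done | tail -n 1
}

# audit_verdict LIVE PERSISTED -> one-line verdict
audit_verdict() {
    if [ "$(classify_min_addr "$1")" != ok ]; then
        echo "FAIL: running value '$1' is not a number above 0"
    elif [ "$(classify_min_addr "$2")" = vulnerable ]; then
        echo "WARN: running value $1 is fine, but a config file resets it to 0 at boot"
    elif [ "$(classify_min_addr "$2")" = invalid ]; then
        echo "NOTE: running value $1 is fine; no usable value persisted, boot value is the kernel default"
    else
        echo "OK: running value $1, persisted value $2"
    fi
}

# Live check. Assumption: sysctl.d files apply in glob order, sysctl.conf last.
live=$(cat /proc/sys/vm/mmap_min_addr 2>/dev/null) || live=""
boot=$(persisted_min_addr /etc/sysctl.d/*.conf /etc/sysctl.conf)
audit_verdict "$live" "$boot"
```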